From owner-freebsd-security  Thu Apr  8 19:26:25 1999
Delivered-To: freebsd-security@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id D32A4159F6
	for <freebsd-security@FreeBSD.ORG>; Thu,  8 Apr 1999 19:26:11 -0700 (PDT)
	(envelope-from robert@cyrus.watson.org)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.8.8/8.8.8) with SMTP id WAA17467;
	Thu, 8 Apr 1999 22:22:39 -0400 (EDT)
	(envelope-from robert@cyrus.watson.org)
Date: Thu, 8 Apr 1999 22:22:39 -0400 (EDT)
From: Robert Watson <robert@cyrus.watson.org>
X-Sender: robert@fledge.watson.org
Reply-To: Robert Watson <robert+freebsd@cyrus.watson.org>
To: Matthew Dillon <dillon@apollo.backplane.com>
Cc: Foxfair Hu <foxfair@news.ks.edu.tw>, freebsd-security@FreeBSD.ORG
Subject: Re: Fw: Netscape 4.5 vulnerability
In-Reply-To: <199904090133.SAA16835@apollo.backplane.com>
Message-ID: <Pine.BSF.3.96.990408222051.17455A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 8 Apr 1999, Matthew Dillon wrote:

> :Forwarded by Foxfair Hu <foxfair@news.ks.edu.tw>
> :---------------- Original message follows ----------------
> : From: Alexey Pavlov <paaa@UIC.NNOV.RU>
> : To: BUGTRAQ@netspace.org
> : Date: Thu, 8 Apr 1999 21:12:27 +0400
> : Subject: Netscape 4.5 vulnerability
> :--
> :
> :I found method how to get users passwords from Netscape 4.5 for FreeBSD
> : ~user/.netscape/liprefs.js file. This file is used for storing user
> :last
> :session preferences .This file also contains encrypted password for
> :pop3.
> :Not like a DES , this encryption can be decrypted. As a result of many
> :experiments i wrote this program. It gives me almost all passwords in my
> : system, because all people use Netscape.
> :Here is src of this decryption programm:
> 
>     The 'security hole' is that netscape doesn't make the .netscape
>     directory 700.  I'd report it to netscape.  I dunno whether they
>     will do anything about it, though.

Huh.  Didn't do that for me; mine is safely readable and writable only for
my uid.  And there are a lot of posts to bugtraq about programs that store
passwords unencrypted and it always surprises me that people are still
complaining about it :-).  As you suggest, the real issue is the access
control used to protect the data object, which in Windows are nil, of
course.

  Robert N Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: 03 01 DD 8E 15 67 48 73  25 6D 10 FC EC 68 C1 1C

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
Safeport Network Services             http://www.safeport.com/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message